235 lines
4.6 KiB
Markdown
235 lines
4.6 KiB
Markdown
## Links
|
|
- [Split A GPU Between Multiple Computers - Proxmox LXC (Unprivileged)
|
|
](https://youtu.be/0ZDr5h52OOE?si=F4RVd5mA5IRjrpXU)
|
|
- [Must-Have OpenWrt Router Setup For Your Proxmox
|
|
](https://youtu.be/3mPbrunpjpk?si=WofNEJUZL4FAw7HP)
|
|
- [Docker on Proxmox LXC 🚀 Zero Bloat and Pure Performance!
|
|
](https://youtu.be/-ZSQdJ62r-Q?si=GCXOEsKnOdm6OIiz)
|
|
- [stuff](url)
|
|
|
|
## 'pct' commands
|
|
```markdown
|
|
[pct commands](https://git.crazystorm.xyz/medusa/the_information_nexus/src/branch/main/docs/tech_docs/pct.md)
|
|
```
|
|
|
|
### Proxmox Container Creation
|
|
|
|
Use the following command to create a new container with reduced memory and storage:
|
|
|
|
```bash
|
|
pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 --tag network --storage local-lvm --memory 128 --swap 0 --rootfs local-lvm:1,size=512M \
|
|
--net0 name=eth0,bridge=vmbr0,firewall=1 \
|
|
--net1 name=eth1,bridge=vmbr1,firewall=1
|
|
```
|
|
|
|
### OpenWRT Firewall Configuration
|
|
|
|
```bash
|
|
passwd
|
|
```
|
|
|
|
```bash
|
|
vi /etc/config/network
|
|
```
|
|
|
|
```bash
|
|
config interface 'loopback'
|
|
option proto 'static'
|
|
option ipaddr '127.0.0.1'
|
|
option netmask '255.0.0.0'
|
|
option device 'lo'
|
|
|
|
config interface 'wan'
|
|
option proto 'dhcp'
|
|
option device 'eth0'
|
|
|
|
config interface 'wan6'
|
|
option proto 'dhcpv6'
|
|
option device 'eth0'
|
|
|
|
config interface 'lan'
|
|
option proto 'static'
|
|
option device 'eth1'
|
|
option ipaddr '10.0.0.1'
|
|
option netmask '255.255.255.0'
|
|
|
|
config interface 'lan6'
|
|
option proto 'static'
|
|
option device 'eth1'
|
|
option ip6addr 'fd00::1/64'
|
|
```
|
|
|
|
```bash
|
|
130 j
|
|
```
|
|
|
|
```bash
|
|
vi /etc/config/firewall
|
|
```
|
|
|
|
```bash
|
|
config rule
|
|
option name 'Allow-SSH'
|
|
option src 'wan'
|
|
option proto 'tcp'
|
|
option dest_port '22'
|
|
option target 'ACCEPT'
|
|
|
|
config rule
|
|
option name 'Allow-HTTPS'
|
|
option src 'wan'
|
|
option proto 'tcp'
|
|
option dest_port '443'
|
|
option target 'ACCEPT'
|
|
|
|
config rule
|
|
option name 'Allow-HTTP'
|
|
option src 'wan'
|
|
option proto 'tcp'
|
|
option dest_port '80'
|
|
option target 'ACCEPT'
|
|
```
|
|
|
|
### Applying the Configuration
|
|
|
|
After updating the configuration files:
|
|
|
|
- **Restart Network Services**:
|
|
```bash
|
|
/etc/init.d/network restart
|
|
```
|
|
|
|
- **Reload Firewall Settings**:
|
|
```bash
|
|
/etc/init.d/firewall restart
|
|
```
|
|
|
|
### Installing Packages via CLI and Reboot
|
|
```bash
|
|
opkg update
|
|
```
|
|
|
|
```bash
|
|
opkg install qemu-ga
|
|
```
|
|
|
|
```bash
|
|
reboot
|
|
```
|
|
|
|
---
|
|
|
|
OpenWRT Container (ID: 100):
|
|
```bash
|
|
pct create 100 /var/lib/vz/template/cache/openwrt-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype unmanaged --hostname openwrt-0 --tag network --storage local-lvm --cores 2 --memory 128 --swap 0 --rootfs local-lvm:1,size=512M --net0 name=eth0,bridge=vmbr0,firewall=1 --net1 name=eth1,bridge=vmbr1,firewall=1
|
|
```
|
|
Kali Linux Container (ID: 200):
|
|
```bash
|
|
pct create 200 /var/lib/vz/template/cache/kali-default-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype debian --hostname kali-0 --password changeme --tag tools --storage local-lvm --cores 2 --memory 1024 --swap 512 --rootfs local-lvm:1,size=8G --net0 name=eth0,bridge=vmbr0,firewall=1
|
|
```
|
|
Alpine Container (ID: 300):
|
|
```bash
|
|
pct create 300 /var/lib/vz/template/cache/alpine-rootfs.tar.xz --unprivileged 1 --arch amd64 --ostype alpine --hostname alpine-0 --password changeme --tag docker --storage local-lvm --cores 2 --memory 1024 --swap 256 --rootfs local-lvm:1,size=8G --net0 name=eth0,bridge=vmbr0,firewall=1
|
|
```
|
|
|
|
```bash
|
|
pct enter 300
|
|
```
|
|
or
|
|
|
|
```bash
|
|
pct console 300
|
|
```
|
|
|
|
```bash
|
|
cat /etc/apk/repositories
|
|
```
|
|
|
|
```bash
|
|
sed -i '/^#.*community/s/^#//' /etc/apk/repositories
|
|
```
|
|
|
|
```bash
|
|
apk update && apk upgrade
|
|
```
|
|
|
|
```bash
|
|
apk add qemu-guest-agent newt curl openssh mc sudo
|
|
```
|
|
|
|
# Build Tools
|
|
```bash
|
|
apk add build-base gcc abuild binutils binutils-doc gcc-doc
|
|
```
|
|
|
|
## Network setup
|
|
|
|
```bash
|
|
setup-interfaces
|
|
```
|
|
|
|
```bash
|
|
service networking restart
|
|
```
|
|
|
|
6. Install and configure SSH:
|
|
|
|
```bash
|
|
apk add openssh
|
|
```
|
|
```bash
|
|
rc-update add sshd
|
|
```
|
|
```bash
|
|
service sshd start
|
|
```
|
|
```bash
|
|
vi /etc/ssh/sshd_config
|
|
```
|
|
Uncomment and modify the following lines:
|
|
|
|
```bash
|
|
PermitRootLogin no
|
|
PasswordAuthentication yes
|
|
```
|
|
Save and exit
|
|
|
|
```bash
|
|
service sshd restart
|
|
```
|
|
|
|
4. Create a system user and add them to the docker group and sudoers:
|
|
|
|
```bash
|
|
adduser -s /bin/ash medusa
|
|
```
|
|
|
|
```bash
|
|
addgroup medusa docker
|
|
```
|
|
|
|
```bash
|
|
visudo
|
|
```
|
|
|
|
Add the following line to the sudoers file:
|
|
|
|
```bash
|
|
medusa ALL=(ALL) ALL
|
|
```
|
|
|
|
Save and exit.
|
|
|
|
5. Start and enable the Docker service:
|
|
|
|
```bash
|
|
rc-update add docker default
|
|
```
|
|
|
|
```bash
|
|
service docker start
|
|
```
|
|
|
|
```bash
|
|
docker run hello-world
|
|
``` |